This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/8791a1-e679-4663-a2da-1a513df069fc/1/5PKoZiAvS4y8MzgtboLYHYlkyA4.mft File: 5PKoZiAvS4y8MzgtboLYHYlkyA4.mft (raw, json) Hash identifier: AM6hqJLhO2SeZjxnz2xyW7SmpG3KgQ84Ts4Vhsi80gw= Subject key identifier: 33:B3:5E:DC:A2:E2:12:60:50:D7:7E:E7:7C:DD:0A:FA:D9:86:7E:F3 Authority key identifier: E4:F2:A8:66:20:2F:4B:8C:BC:33:38:2D:6E:82:D8:1D:89:64:C8:0E Certificate issuer: /CN=e4f2a866202f4b8cbc33382d6e82d81d8964c80e Certificate serial: 019B766D4B451800CDDF5F3AD6ECBD709BAF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5PKoZiAvS4y8MzgtboLYHYlkyA4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/8791a1-e679-4663-a2da-1a513df069fc/1/5PKoZiAvS4y8MzgtboLYHYlkyA4.mft Manifest number: 17A6 Signing time: Wed 31 Dec 2025 22:00:32 +0000 Manifest this update: Wed 31 Dec 2025 22:00:32 +0000 Manifest next update: Thu 01 Jan 2026 22:00:32 +0000 Files and hashes: 1: 5PKoZiAvS4y8MzgtboLYHYlkyA4.crl (hash: 2oWQY/JCysOORFRnoF1Nnt5KB6UOyD+vLKVjYqcMwoA=) 2: DwTC30oaWKwssRCXrBoUlk9Q5bw.roa (hash: ijzA7vHvds3BxvrPMvxvhrjeIw/3n+d/qJzXMvHrD7s=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/8791a1-e679-4663-a2da-1a513df069fc/1/5PKoZiAvS4y8MzgtboLYHYlkyA4.crl rsync://rpki.ripe.net/repository/DEFAULT/c7/8791a1-e679-4663-a2da-1a513df069fc/1/5PKoZiAvS4y8MzgtboLYHYlkyA4.mft rsync://rpki.ripe.net/repository/DEFAULT/5PKoZiAvS4y8MzgtboLYHYlkyA4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 01 Jan 2026 18:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:6d:4b:45:18:00:cd:df:5f:3a:d6:ec:bd:70:9b:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e4f2a866202f4b8cbc33382d6e82d81d8964c80e Validity Not Before: Dec 31 22:00:32 2025 GMT Not After : Jan 1 22:00:32 2026 GMT Subject: CN=33b35edca2e2126050d77ee77cdd0afad9867ef3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:fc:88:ca:2d:b4:c8:f8:2d:25:6e:93:94:dc: b2:b7:25:eb:3f:44:7b:04:85:c1:3c:29:b9:f5:9b: 29:f9:aa:43:5d:0e:57:5e:df:f3:9c:79:59:50:d9: 66:e8:fa:fe:7c:d3:89:21:ad:5a:ab:4c:8c:58:2e: f5:03:d9:3b:00:d5:55:4b:04:82:de:a9:fe:b5:11: e4:ce:1a:ee:92:4d:9d:7e:f9:73:a7:8f:2e:9f:96: f2:37:fb:32:98:f3:05:13:92:08:58:29:3c:47:36: 36:d8:09:7b:c1:b7:66:b6:ca:91:91:ed:5c:40:f6: c8:55:66:a0:ce:72:f1:cf:e8:72:43:8b:96:2d:90: a9:a9:09:91:8d:b5:da:75:3a:92:25:df:5c:a8:17: f7:1e:61:8c:e9:7e:c8:f8:3a:b8:bc:61:01:d5:81: 5f:e9:9d:f7:b4:a3:40:6f:f2:0a:de:5b:63:4c:c8: 0e:f5:ff:17:79:3d:86:ce:65:77:ca:c1:2a:76:03: 43:82:48:ae:7f:1b:a4:b2:7c:85:8f:a0:f4:3d:68: 68:74:d2:6e:a2:d1:ff:c3:0e:c5:ee:86:80:19:81: 14:17:ff:79:e2:ae:9c:30:3c:73:de:b4:8b:7b:47: 86:21:d4:35:ac:9f:05:f1:50:f9:d2:6e:c0:74:b7: d8:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:B3:5E:DC:A2:E2:12:60:50:D7:7E:E7:7C:DD:0A:FA:D9:86:7E:F3 X509v3 Authority Key Identifier: keyid:E4:F2:A8:66:20:2F:4B:8C:BC:33:38:2D:6E:82:D8:1D:89:64:C8:0E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5PKoZiAvS4y8MzgtboLYHYlkyA4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/8791a1-e679-4663-a2da-1a513df069fc/1/5PKoZiAvS4y8MzgtboLYHYlkyA4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/8791a1-e679-4663-a2da-1a513df069fc/1/5PKoZiAvS4y8MzgtboLYHYlkyA4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 42:61:90:01:e2:c8:3c:af:d1:ba:fb:5e:1d:02:7d:e1:95:2d: 2d:bf:e7:8d:ee:5d:de:80:25:cd:9e:3b:62:3f:d3:7a:38:5a: 03:0d:7f:7b:77:c2:5f:7b:c5:4f:24:b2:2a:2f:0b:ae:96:76: 45:6a:1c:25:3d:df:bb:f7:15:2c:3d:3b:b5:d9:d0:f0:65:d1: e9:6b:6a:6b:67:51:d4:53:e5:be:e6:79:76:6e:59:ba:0a:9b: 12:d3:43:71:b5:f7:07:44:43:34:ad:b0:ed:84:73:6c:15:04: 36:aa:5b:0d:41:ad:68:42:17:63:f3:9c:30:a6:ec:21:25:9f: ef:62:14:f2:a1:3a:81:c3:79:6a:c4:f9:a5:0e:09:21:2a:6a: 1e:fe:55:ca:00:ad:80:3d:1a:37:6f:28:38:8b:98:c8:c8:01: 81:ac:9f:c7:d7:a1:cf:ae:14:e0:6c:cc:d3:10:7f:b7:f9:92: 9b:a6:c3:94:32:9a:ac:b0:f5:7a:99:61:3c:b3:77:7e:68:6c: ea:60:54:39:66:34:51:6d:ef:be:87:70:74:d2:2a:7e:44:43: e5:c8:87:de:5d:9d:b2:20:21:79:dc:ea:50:9c:70:f4:62:5f: 2c:25:f4:de:a4:fb:cf:e7:50:ba:58:c9:c9:7b:37:4c:58:87: e5:ce:85:92 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt2bUtFGADN31861uy9cJuvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU0ZjJhODY2MjAyZjRiOGNiYzMzMzgyZDZlODJkODFkODk2 NGM4MGUwHhcNMjUxMjMxMjIwMDMyWhcNMjYwMTAxMjIwMDMyWjAzMTEwLwYDVQQD EygzM2IzNWVkY2EyZTIxMjYwNTBkNzdlZTc3Y2RkMGFmYWQ5ODY3ZWYzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/yIyi20yPgtJW6TlNyytyXrP0R7 BIXBPCm59Zsp+apDXQ5XXt/znHlZUNlm6Pr+fNOJIa1aq0yMWC71A9k7ANVVSwSC 3qn+tRHkzhrukk2dfvlzp48un5byN/symPMFE5IIWCk8RzY22Al7wbdmtsqRke1c QPbIVWagznLxz+hyQ4uWLZCpqQmRjbXadTqSJd9cqBf3HmGM6X7I+Dq4vGEB1YFf 6Z33tKNAb/IK3ltjTMgO9f8XeT2GzmV3ysEqdgNDgkiufxuksnyFj6D0PWhodNJu otH/ww7F7oaAGYEUF/954q6cMDxz3rSLe0eGIdQ1rJ8F8VD50m7AdLfYGQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDOzXtyi4hJgUNd+53zdCvrZhn7zMB8GA1UdIwQY MBaAFOTyqGYgL0uMvDM4LW6C2B2JZMgOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNVBLb1ppQXZTNHk4TXpndGJvTFlIWWxreUE0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy84NzkxYTEtZTY3OS00NjYzLWEyZGEt MWE1MTNkZjA2OWZjLzEvNVBLb1ppQXZTNHk4TXpndGJvTFlIWWxreUE0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNy84NzkxYTEtZTY3OS00NjYzLWEyZGEtMWE1MTNkZjA2OWZj LzEvNVBLb1ppQXZTNHk4TXpndGJvTFlIWWxreUE0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQmGQAeLI PK/RuvteHQJ94ZUtLb/nje5d3oAlzZ47Yj/TejhaAw1/e3fCX3vFTySyKi8LrpZ2 RWocJT3fu/cVLD07tdnQ8GXR6Wtqa2dR1FPlvuZ5dm5ZugqbEtNDcbX3B0RDNK2w 7YRzbBUENqpbDUGtaEIXY/OcMKbsISWf72IU8qE6gcN5asT5pQ4JISpqHv5VygCt gD0aN28oOIuYyMgBgayfx9ehz64U4GzM0xB/t/mSm6bDlDKarLD1eplhPLN3fmhs 6mBUOWY0UW3vvodwdNIqfkRD5ciH3l2dsiAhedzqUJxw9GJfLCX03qT7z+dQuljJ yXs3TFiH5c6Fkg== -----END CERTIFICATE-----Generated at Thu Jan 1 01:02:23 2026 by rpki-client